Burp Suite is a security analysis tool that can be used to simulate web requests to test a web application or system for vulnerabilities.
It has many components like Burp Intruder, Scanner, Repeater etc.
Burp Intruder can do various kinds of fuzzing attacks with provided payloads. It is used when you need to test a target system for sql vulnerabilities.
Another module, called the Burp repeater can repeatedly perform requests on the remote system.
However if you need to repeat a certain request in a loop again and again then here is the technique to do it.
This is done through the Burp Intruder with "Null payloads".
Repeat Requests in a Loop
1. Select your request in the Proxy tab and click "Send to Intruder".
2. In Intruder, in the Positions tab click "Clear" to clear all positions. We do not want to provide payloads for any position, just repeat the request.
3. In the Payloads tab, select Payload type : "Null payloads". In the next section of "Payload Options" select "Continue indefinitely".
This will generate infinite number of payloads but since we have not specified any position, the payload will not be applied anywhere in the request.
If you want to repeat the request for a specific number of times then put a number in the "Generate _____ payloads" box. It will then loop only that many times.
4. Click "Intruder > Start attack" in the top menu to start the attack.
Now the request would keep repeating according to the above provided settings.
Resources and Links
To learn more about Burp Suite visit the official website:https://portswigger.net/burp
Why would somone want to use an infinite loop of the same request? Just want to understand… is this for race conditions?
Ditto to the previous comment. This was very helpful.
Great tutorial very helpful! Made my life a lot easier. Thank you so much.